[Samba] Cloning from a backup: unable to reach any KDC in realm
Andrew Bartlett
abartlet at samba.org
Fri Nov 15 21:55:55 UTC 2019
On Fri, 2019-11-15 at 20:16 +0000, Don Kuenz via samba wrote:
>
> Greetings,
>
> This post pertains to a Disaster Recovery (DR) scenario on a Samba
> 4.8
> server. The DR server was provisioned as a standalone host, on a
> network isolated from the Production Server (PS).
> The DR's /var/db/samba4 directory, which contains the private
> directory, was then renamed and replaced with the PS' /var/db/samba4
> backup. kinit now fails on the DR with:
>
> kinit: krb5_get_init_creds: unable to reach any KDC in realm
> PRODUCTION
>
> Will samba_dnsupdate --verbose resolve this situation?
> Is there a way for the DR host to seize the KDC?
> What is the correct procedure to provision and clone a DR host from a
> backup?
The correct procedure is
https://wiki.samba.org/index.php/Back_up_and_Restoring_a_Samba_AD_DC
Just copying the files isn't advised, to start with a lock needs to be
taken over all the files to ensure a stable backup, which can only be
taken with the correct tools, unless the server has been stopped.
Andrew Bartlett
--
Andrew Bartlett https://samba.org/~abartlet/
Authentication Developer, Samba Team https://samba.org
Samba Developer, Catalyst IT
https://catalyst.net.nz/services/samba
More information about the samba
mailing list